Shashank
Reputation: 757
How to secure kafka connect so connection.url is not logged revealing credentials?
The problem I am having is that credentials are being logged when running a connector, I don't want to log those.
Any leads will be appreciated.
Upvotes: 1
Views: 221
Answers (1)
Aman Saurav
Reputation: 826
Try to use the connection.password property, the value should be masked while logging. Something like this :
curl -X POST http://localhost:8083/connectors -H "Content-Type: application/json" -d \
'{
"name":"jdbc_source_mysql_01",
"config":{
"connector.class":"io.confluent.connect.jdbc.JdbcSourceConnector"
"connection.url":"jdbc:mysql://mysql:3306/demo",
"connection.user":"connect_user",
"connection.password":"password",
"topic.prefix":"mysql-01-",
"mode":"bulk"
}
}'
Post this the logs should look like :
INFO JdbcSourceTaskConfig values:
batch.max.rows = 100
connection.attempts = 3
connection.backoff.ms = 10000
connection.password = null
connection.url = jdbc:mysql://*REDACTED*
Upvotes: 1
Related Questions
- Kafka 0.9.1 authorization
- Using apache kafka in SSL mode
- Is pre-authentication against a second url supported in kafka-connect-http?
- Secrets management during kafka-connector startup
- Kafka Username password authentication Issue
- Configure Kafka client to connect with issued SSL key/cert
- Safely give secret/token to Kafka Connector?
- Enable SSL for Kafka Clients
- Kafka SSL security Setup causing issue
- Kafka security and authentication